W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > January to March 2001

Re: KeyInfo Extensibility poll

From: Carl Wallace <cwallace@erols.com>
Date: Wed, 24 Jan 2001 08:02:06 -0500
Message-ID: <001401c08605$db2d6e40$0700a8c0@dmn1.corsec.com>
To: "Gregor Karlinger" <gregor.karlinger@iaik.at>, "merlin" <merlin@baltimore.ie>, "Donald E. Eastlake 3rd" <lde008@dma.isg.mot.com>
Cc: <w3c-ietf-xmldsig@w3.org>
> Allowing option (2) is the same mechanism at one structural level
> lower, isn't it? If there is information within a X509Data element
> which I do not understand, I simply ignore it. If the information
> is critical, then (1) must be used to derive a new x509 data type
> in a different namespace.

It is a similar mechanism one level lower, but isn't it cleaner for the
mechanism to exist at one level instead of two and in one data type instead
of five?  Option two opens the possibility of encountering an X509Data
element, or potentially worse a KeyValue element,  that contains only
material that you do not understand.

Carl Wallace
Corsec Security, Inc.
Received on Wednesday, 24 January 2001 07:57:44 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:12 GMT